On Thu, 20 Sep 2001, Karl J. Runge wrote:
> Consider what happen would if an "execute arbitrary commands" exploit in
> Apache httpd popped up.
Then attackers would be able to execute arbitrary commands as the "nobody"
user, which has no access to anything on a proper system.
On MS IIS, this leads to the moral equivalent of a root compromise, because
IIS runs with elevated privileges.
Unix has already made these mistakes, and learned from them. Even
Sendmail, long considered the root compromise path of choice, is designed to
run unprivileged in the latest release. Microsoft continues to release
software which runs with elevated privileges by default. Remember, NT is
the OS that had a security vulnerability because the *screen saver* ran with
superuser privileges.
Granted, a lot of problems in the Microsoft community come from poor user
security ("Ohhh, someone I don't know just emailed me a program! Let's run
it and see what happens!"). However, a lot of them come from systematic
design failures on the part of Microsoft, and they show little inclination
to change.
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
